/*****************************************************************************
 *   Copyright 2005 Tim A Wang
 *
 *   Licensed under the Apache License, Version 2.0 (the "License");
 *   you may not use this file except in compliance with the License.
 *   You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 *   Unless required by applicable law or agreed to in writing, software
 *   distributed under the License is distributed on an "AS IS" BASIS,
 *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *   See the License for the specific language governing permissions and
 *   limitations under the License.
 *
 ****************************************************************************/
package com.jb.security.jaas;

import com.jb.faces.context.FacesContext;

import com.jb.security.GuestUser;
import com.jb.security.SecurityManager;
import com.jb.web.session.SessionUser;
import com.jb.security.SessionUserImpl;

//TODO

/**
 * Implementation of SecurityManager that does not do anything for user account
 * information.
 */
 
public class JAASSecurityManager implements SecurityManager {
    static final String GUEST = "Guest";
    
    private SessionUserImpl userAccount = null;
    public void initialize(FacesContext ctx) {
        
    }

    public int authorize(FacesContext ctx, SessionUser guest, Object resource) {
        return 0; //guest can see anything
    }

    public SessionUser login(FacesContext pCtx, String userName, 
                                    char[] password) {
        if (GUEST.equals(userName)) {
            return null;
        }

        SessionUserImpl userAccount = new SessionUserImpl();
        userAccount.setId(userName);
        userAccount.setUserName(userName);

        if (userName.equals("root") || userName.equals("jb")) {
            if ("welcome".equals(password)) {
                userAccount.setAccess(0);
                return userAccount;
            } else {
                return null;
            }
        }

        userAccount.setAccess(1000);

        return userAccount;
    }

    public SessionUser createGuestUser() {
        return new GuestUser();
    }

    public SessionUser createUser(FacesContext ctx, String userName, String password) {
        userAccount = new SessionUserImpl();
        userAccount.setId(userName);
        userAccount.setUserName(userName);
        userAccount.setScreenName(userName);

        return userAccount;
    }
    public void updateUser(FacesContext ctx, SessionUser user) {
        //no op
    }
    public SessionUser findUser(FacesContext ctx, String userName) {
        userAccount.setId(userName);
        userAccount = new SessionUserImpl();
        userAccount.setUserName(userName);
        userAccount.setScreenName(userName);

        return userAccount;
    }

    public void logout(FacesContext pCtx, SessionUser user) {
        //
    }

    public String toString() {
        return "DummySecurityManager";
    }
}
